Firewall Wizards mailing list archives
Re: hping
From: Darren Reed <darrenr () reed wattle id au>
Date: Tue, 15 Dec 1998 07:59:15 +1100 (EST)
In some email I received from Cristiano Lincoln Mattos, sie wrote:
If you're thinking about something like traceroute, it already exists, an interesting project called FireWalk: http://www.es2.net/research/firewalk/
I'm somewhat disappointed with the diffs to traceroute at the bottom of http://www.es2.net/research/firewalk/firewalk-final.html

The page does eventually arrive at the general idea that traceroute isn't UDP/ICMP specific but takes much too long to get there and even then doesn't really say much at all about it - but the cat is really out of the bag now and if I were using FW-1, I'd be quite concerned about how leaky it is with respect to TCP (and I wonder, how easy to exploit Cisco/Linux/other packet filter rulesets?).

mmm, IP Filter's statefulness for TCP :-)

The page does, at least, reference using port 53, but again the diff. for traceroute fails to make it a true exploit of the "DNS port" case, even though newer BIND releases are trying desperately hard to break the old model of port associations for intra-server communications.

Darren
On Sat, 12 Dec 1998, Darren Reed wrote:

The cool thing about tools such as hping is what can be achieved through those hosts acting as routers with Firewall-1 installed. The next step with hping is, I think, even more interesting than what can be seen with this (hint: hack on another very commonly used tool like ping).

Darren